Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×
Our Newsletter now includes a Sunday edition! Stay updated 7 days a week!

Unsolicited Mail

Rooo

By Rooo
in IT and Computers

 Share

Recommended Posts

Rooo Star Member

Rooo

Posted
Posted

Is anyone else receiving EMails with Samui addresses with virus attachements?

They come in the guise of well known organisations on Samui or as undelivered mail. :o

Link to comment
Share on other sites
steverino Advanced Member

steverino

Posted
Posted
Is anyone else receiving EMails with Samui addresses with virus attachements?

They come in the guise of well known organisations on Samui or as undelivered mail. :o

I don't think it would be unfair to tell us what particular organisations as we need to be alert about this...what virus is it anyway?

Link to comment
Share on other sites
Rooo Star Member

Rooo

Posted
  • Author
Posted

They are well known organisations & hotels on Samui,I get 2 Emails a day one as an answer to a question & one as undelivered mail sent by me ( which I never sent ) & usually to another Samui based company.

My server usually blocks Email from being open but next time I will try & get virus type.

Thanks.

Link to comment
Share on other sites
Rooo Star Member

Rooo

Posted
  • Author
Posted

File name: screensaver.zip

File size: 29kb

File type: application/octet-stream

Scan result: Virus "W32.Netsky.P@mm" found.

The file attached to this message was infected with a virus that we were unable to clean. You can not download this attachment.

Note: Not all viruses can be cleaned. Please contact the message sender and request that they send you a virus-free version of this attachment.

Link to comment
Share on other sites
waldwolf Silver Member

waldwolf

Posted
Posted (edited)
....Please contact the message sender and request that they send you a virus-free version of this attachment.

I hope you didn't follow those directions. Doing so might confirm your email address as "active" and lead to many more such malware.

This is a rather old (May 2004), but nasty worm. To quote Symantec:

W32.Netsky.P@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning the hard drives and mapped drives. The worm also tries to spread through various file-sharing programs by copying itself into various shared folders.

The From line of the email is spoofed, and its Subject line and message body of the email vary. The attachment name varies with the .exe, .pif, .scr, or .zip file extension.

This worm also uses the Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability to cause unpatched systems to auto-execute the worm when reading or previewing an infected message.

A removal tool is available, should you become infected.

More details here

cheers :o

Edited by waldwolf
Link to comment
Share on other sites
francois Gold Member

francois

Posted
Posted
....Please contact the message sender and request that they send you a virus-free version of this attachment.

I hope you didn't follow those directions. Doing so might confirm your email address as "active" and lead to many more such malware.

This is a rather old (May 2004), but nasty worm. To quote Symantec:

W32.Netsky.P@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning the hard drives and mapped drives. The worm also tries to spread through various file-sharing programs by copying itself into various shared folders.

The From line of the email is spoofed, and its Subject line and message body of the email vary. The attachment name varies with the .exe, .pif, .scr, or .zip file extension.

This worm also uses the Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability to cause unpatched systems to auto-execute the worm when reading or previewing an infected message.

A removal tool is available, should you become infected.

More details here

cheers :D

hi'

do as waldwolf said, and if this goes on, at least send back to sender ...

if it's spamming stuff it would be only what they deserve and if not will teach some to act clean or to clean their machine ... the hard way, but for some it's the only way ..:D

francois

ps: sorry to be a bitrude, but infected mail just p*** me off :o

Link to comment
Share on other sites
francois Gold Member

francois

Posted
Posted

re ...

and as I mentionned sometime ago, ther is only one program that I know that can prevent such thingsto happen, not a spamkiller or this kind of stuff were you're never finish to enter new rules as spammers are some kind of smart *** ...

go to sourceforge,net and find Magic Mail Monitor.

this little piece of FREE soft is a wonder :D

it allows you to download the headers of the received mails, and then you choose to keep, to mark as spam, to delete or to mark as friendly, or simply leave it and get your mail.

it does it without anything being downloaded from the server, only information from the headers. clean the list and receive the ones you only want :D

you can also have a quick preview of a message in texte format.

francois

ps: use this for long and no spam get in my mailbox neither virus :o

Link to comment
Share on other sites
sajal Advanced Member

sajal

Posted
Posted

its likely that those emails didnt come from these organisations...

perhaps someone had these organisations email addresses in their contacts on outlook and that person had your contact also.

so now some malways/spyware/virus infected his system and sending mails from ppl in his contact list to other ppl in his contact list.

check the headers of the mail about the origin IP of the mail.....

you can compare that to mails from other organisations ....

if the IPs are same then all the spam is coming from the same person (or same computer)...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formally ThaiVisa) is Thailand's oldest and most popular expat and foriegner forum. Sign up today and have your say!

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...